{"affected":[{"ecosystem_specific":{"binaries":[{"chromedriver":"85.0.4183.102-lp152.2.30.1","chromium":"85.0.4183.102-lp152.2.30.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.1","name":"chromium","purl":"pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"85.0.4183.102-lp152.2.30.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"chromedriver":"85.0.4183.102-lp152.2.30.1","chromium":"85.0.4183.102-lp152.2.30.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.2","name":"chromium","purl":"pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"85.0.4183.102-lp152.2.30.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for chromium fixes the following issues:\n\nChromium was updated to version 85.0.4183.102 (bsc#1176306) fixing:\n\n- CVE-2020-6573: Use after free in video.\n- CVE-2020-6574: Insufficient policy enforcement in installer. \n- CVE-2020-6575: Race in Mojo.\n- CVE-2020-6576: Use after free in offscreen canvas. \n- CVE-2020-15959: Insufficient policy enforcement in networking.\n\nChromium was updated to version 85.0.4183.83 (boo#1175757) fixing:\n\n- CVE-2020-6558: Insufficient policy enforcement in iOS\n- CVE-2020-6559: Use after free in presentation API\n- CVE-2020-6560: Insufficient policy enforcement in autofill\n- CVE-2020-6561: Inappropriate implementation in Content Security Policy\n- CVE-2020-6562: Insufficient policy enforcement in Blink\n- CVE-2020-6563: Insufficient policy enforcement in intent handling.\n- CVE-2020-6564: Incorrect security UI in permissions\n- CVE-2020-6565: Incorrect security UI in Omnibox.\n- CVE-2020-6566: Insufficient policy enforcement in media.\n- CVE-2020-6567: Insufficient validation of untrusted input in command line handling.\n- CVE-2020-6568: Insufficient policy enforcement in intent handling.\n- CVE-2020-6569: Integer overflow in WebUSB.\n- CVE-2020-6570: Side-channel information leakage in WebRTC.\n- CVE-2020-6571: Incorrect security UI in Omnibox.\n","id":"openSUSE-SU-2020:1499-1","modified":"2020-09-22T08:22:47Z","published":"2020-09-22T08:22:47Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVLIV2CRZYKLIUJ6AKW5DXJ5TG44WR3E/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1175757"},{"type":"REPORT","url":"https://bugzilla.suse.com/1176306"},{"type":"REPORT","url":"https://bugzilla.suse.com/1176450"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-15959"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-6558"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-6559"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-6560"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-6561"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-6562"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-6563"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-6564"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-6565"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-6566"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-6567"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-6568"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-6569"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-6570"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-6571"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-6573"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-6574"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-6575"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-6576"}],"related":["CVE-2020-15959","CVE-2020-6558","CVE-2020-6559","CVE-2020-6560","CVE-2020-6561","CVE-2020-6562","CVE-2020-6563","CVE-2020-6564","CVE-2020-6565","CVE-2020-6566","CVE-2020-6567","CVE-2020-6568","CVE-2020-6569","CVE-2020-6570","CVE-2020-6571","CVE-2020-6573","CVE-2020-6574","CVE-2020-6575","CVE-2020-6576"],"summary":"Security update for chromium","upstream":["CVE-2020-15959","CVE-2020-6558","CVE-2020-6559","CVE-2020-6560","CVE-2020-6561","CVE-2020-6562","CVE-2020-6563","CVE-2020-6564","CVE-2020-6565","CVE-2020-6566","CVE-2020-6567","CVE-2020-6568","CVE-2020-6569","CVE-2020-6570","CVE-2020-6571","CVE-2020-6573","CVE-2020-6574","CVE-2020-6575","CVE-2020-6576"]}